This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft File: 02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json) Hash identifier: HA4Fk2n8Cpc4FE6cTZ+GSSsPpSkIDEv/TEwp8Jgd2zA= Subject key identifier: E0:6B:15:AE:A7:52:3E:DE:67:69:04:AA:A2:BD:13:ED:C9:78:49:B9 Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB Certificate issuer: /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab Certificate serial: 019AF2095D3C7583AAAD0F28290DB60FCBED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft Manifest number: 0E30 Signing time: Sat 06 Dec 2025 05:01:31 +0000 Manifest this update: Sat 06 Dec 2025 05:01:31 +0000 Manifest next update: Sun 07 Dec 2025 05:01:31 +0000 Files and hashes: 1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: YvzdI8KtadT9C+M9BT06VoJ6u1gQf4mzI3Dbt/bE2pI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:5d:3c:75:83:aa:ad:0f:28:29:0d:b6:0f:cb:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab Validity Not Before: Dec 6 05:01:31 2025 GMT Not After : Dec 7 05:01:31 2025 GMT Subject: CN=e06b15aea7523ede676904aaa2bd13edc97849b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e0:d2:78:c1:c4:90:5b:f1:96:be:1a:7b:3c: cb:49:c1:fd:49:42:7b:c1:01:af:87:05:b9:8a:c9: f0:f6:fc:15:c9:6f:f6:b8:9f:15:7f:d9:d4:e8:68: 00:54:ff:36:c6:e2:c6:94:f0:ab:09:53:29:f1:de: 6a:0e:9e:a3:5c:72:0e:63:79:27:81:b2:3b:43:e4: 9b:f9:7d:12:5c:ba:fe:34:8e:d3:95:27:42:bc:5f: e5:a6:c5:9f:9e:35:47:c6:8f:ae:5f:97:f8:a1:f5: 48:73:9d:0e:39:b3:71:e3:0e:f8:48:b9:63:f9:cd: 30:0c:90:2d:78:0b:11:bf:dc:1f:d0:1b:ee:bf:a5: 9a:e2:10:bf:4b:20:ba:6c:45:9f:2b:6c:60:e4:85: 97:63:63:70:37:6a:28:b0:5c:22:73:bb:18:7a:f0: 05:c9:19:d8:4b:e7:e7:9d:a8:39:88:0f:a2:58:6f: a7:75:f2:c8:97:17:9f:89:08:26:06:98:8c:63:2e: 3a:28:5a:13:34:95:7a:72:c7:e6:f5:f1:47:2a:7c: 2c:1e:06:40:81:7c:c4:68:27:26:5f:c0:d1:0e:68: a2:88:7a:01:c1:a1:8d:5e:3c:08:c5:42:d1:93:9c: f6:ca:f8:05:8b:97:39:f9:7b:4b:a9:6a:af:c5:4a: d9:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:6B:15:AE:A7:52:3E:DE:67:69:04:AA:A2:BD:13:ED:C9:78:49:B9 X509v3 Authority Key Identifier: keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:85:5f:79:87:a8:eb:90:2a:0e:f5:83:a1:c2:09:01:9b:f0: 02:02:d8:e4:32:ef:2e:4f:cb:c0:3f:02:68:7a:e8:91:b9:31: 70:9a:4b:14:dc:f1:cb:e6:39:88:ef:f4:9b:38:64:27:36:89: 04:04:4c:0e:01:5d:b2:c8:8b:89:19:98:54:61:e3:82:cd:09: 21:45:79:79:5b:b1:9b:93:a2:e9:60:2e:87:97:66:7f:a5:64: b3:1b:c5:2c:e7:ee:d2:5c:90:51:4e:7d:92:aa:38:e9:b2:bc: ba:47:10:af:9c:12:71:65:53:38:d1:2e:ad:a3:e3:d5:8f:a0: 59:46:5d:fb:0a:33:ea:6d:2e:08:d5:aa:ef:77:c2:9a:fa:d9: 1f:dc:10:9d:b5:d4:50:22:5f:78:93:a0:ea:9a:6d:df:98:61: fa:71:0d:51:96:f3:10:85:77:1f:13:2b:ab:76:e3:6b:05:37: 98:e7:dc:7a:cd:c1:72:09:48:71:86:e1:3e:69:e8:9f:b4:37: 0a:3a:af:b1:58:74:1a:55:3a:26:54:a7:bf:7a:c5:9b:fb:34: 0f:96:71:1c:ed:02:5f:62:90:e6:9e:25:cf:be:2a:43:be:55: 3b:60:15:dd:70:8b:0f:90:b9:cd:be:f1:f8:1c:3c:de:ab:16: 1d:d3:34:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCV08dYOqrQ8oKQ22D8vtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl ZDViYWIwHhcNMjUxMjA2MDUwMTMxWhcNMjUxMjA3MDUwMTMxWjAzMTEwLwYDVQQD EyhlMDZiMTVhZWE3NTIzZWRlNjc2OTA0YWFhMmJkMTNlZGM5Nzg0OWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuDSeMHEkFvxlr4aezzLScH9SUJ7 wQGvhwW5isnw9vwVyW/2uJ8Vf9nU6GgAVP82xuLGlPCrCVMp8d5qDp6jXHIOY3kn gbI7Q+Sb+X0SXLr+NI7TlSdCvF/lpsWfnjVHxo+uX5f4ofVIc50OObNx4w74SLlj +c0wDJAteAsRv9wf0Bvuv6Wa4hC/SyC6bEWfK2xg5IWXY2NwN2oosFwic7sYevAF yRnYS+fnnag5iA+iWG+ndfLIlxefiQgmBpiMYy46KFoTNJV6csfm9fFHKnwsHgZA gXzEaCcmX8DRDmiiiHoBwaGNXjwIxULRk5z2yvgFi5c5+XtLqWqvxUrZmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOBrFa6nUj7eZ2kEqqK9E+3JeEm5MB8GA1UdIwQY MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0 LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANIVfeYeo 65AqDvWDocIJAZvwAgLY5DLvLk/LwD8CaHrokbkxcJpLFNzxy+Y5iO/0mzhkJzaJ BARMDgFdssiLiRmYVGHjgs0JIUV5eVuxm5Oi6WAuh5dmf6VksxvFLOfu0lyQUU59 kqo46bK8ukcQr5wScWVTONEuraPj1Y+gWUZd+woz6m0uCNWq73fCmvrZH9wQnbXU UCJfeJOg6ppt35hh+nENUZbzEIV3HxMrq3bjawU3mOfces3BcglIcYbhPmnon7Q3 CjqvsVh0GlU6JlSnv3rFm/s0D5ZxHO0CX2KQ5p4lz74qQ75VO2AV3XCLD5C5zb7x +Bw83qsWHdM0SA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:01:01 2025 by rpki-client